8 August 2017

A common software testing flaw was exposed by CBA money laundering case

The Commonwealth Bank has conveniently blamed a "coding error" for its non-compliance with anti-money laundering compliance requirements. However, this attitude also exposes a very common flaw in software testing of large applications: subject matter experts (SMEs) are incorrectly utilised, in ensuring that business rules are properly implemented and executed during the software testing phase.

Frankly, "coding error" is likely to be the PR department's words for explaining this embarrassing blunder, but the software testing experts within the IDM software team should be very worried about their job security. Their oversight is a function of human error that goes unchecked due to poor processes that do not offer the requisite level of scrutiny.

The cost of software testing failure is a widely debated topic. This number seems quite plausible given the uber-pervasive nature of tentacles of many large enterprise applications:

Debate that figure all you want, but we can definitely agree on the fact that the cost of the brand damage done from such events far outweighs any direct losses incurred. That too, not just to the corporate brand, but also to reputations of otherwise intelligent and competent professionals. This is not the first time that banks have made such monumental blunders and if they keep relying on outdated software testing tools and practices, it won't be the last time either.

What causes this flaw in software testing projects?

There is no one characteristic of any software testing project that allows such big, hairy mammoths to slip through the cracks. Any good software testing project consists of the right balance of intelligent people, practical processes and performance-oriented products or testing tools.

So let's break this down into the various components. As far as people are concerned, we know that the "shift left" or the introduction of faster development cycles through DevOps and Continuous Delivery is causing a lot of stress:

This extra stress will almost always result in human error. Most such errors will be minor and easily fixed at a later date, but some errors will be so big that examples will need to be made of the unfortunate people at their epicentre. The probability of major errors occurring is enhanced by the complexity of modern applications and development and testing environments:

As development complexity, and therefore software testing complexity, increases, associated systems and processes break down. The process that comes under most heavy strain is that which governs how SMEs are included in and utilised to validate software testing activities.

I have seen that over-burdened software testing teams increasingly pass on more responsibility to SMEs. Because this is often done implicitly so as not rock the boat, nobody in the process quite understands where the responsibility sits and what business rules have actually been validated. I imagine that this very situation came to fruition in this Commonwealth Bank example!

If you are not locked into multi-decade licensing agreements with your current software testing tool vendor, then read our guide to selecting the best software testing tools for your needs. Whether you want to move to cloud testing or simply want the best testing tools to deliver on your goals, not asking these 6 questions can lead to embarrassing lapses such as the one the CBA has just suffered or, at the very least, spiralling software testing costs without any benefit to software quality:

In either case, the consequences are rather sour, but also usually avoidable.

What systems do I need to implement in my software testing project?

Achieving a perfectly balanced confluence people, processes and software testing tools is no easy task. There is no silver bullet or fool-proof recipe for doing this. A specialist software testing services company can exploit their body of knowledge across multiple customers to help you design a bespoke software testing practice that is right for you.

Our Software Testing Service Delivery Guide explains the methodology we use to run our testing projects. It may be a good start to gather your thoughts and some new ideas. Then you can take advantage of our free software quality strategy session where our consultants will give you personalised advice that will help you work through your specific challenges and hit your desired goals.

While there is never a "perfect solution," you can try to get as close as possible to that software testing oasis by asking the right questions before you make a decision.

How can test automation help?

Not at all, unless it is implemented correctly using a methodology that makes sense for your applications ecosystem. We find that model-based software testing, with its emphasis on data-driven testing and test automation is a system with which to cut testing time and find bugs before your users find them.

We place a lot of faith in test automation because we know it works. We've been able to cut down testing time for a UK-based customer from 4 weeks to 36 hours, with greater coverage than the previous manual-only software testing could ever achieve. But we have achieved these results by putting in place other crucial elements of an effective software testing project. Download our best practice guide to software testing to conduct an audit of the high performance aspects of software testing that your projects are missing.